bitcoin taint & unilateral revocability (Re: ecash and revocability) [combined summary]



Original discussion: bitcoin-dev mailing list

Published on: 2013-05-14T17:30:05+00:00


Summary:

Adam Back, a prominent cryptographer involved in the development of Bitcoin, has expressed concerns about the lack of privacy in the cryptocurrency and its potential impact on taint and revocability. Taint refers to the risk of coins becoming unspendable, or spendable only at a discount, because of their transaction history. While Bitcoin's policy states that all coins should be equally acceptable, individuals can reject them based on their taint.

However, there have been no reported issues with revocability or taint inspection thus far. People currently have the option and the technical means to check the taint of coins and send them back if necessary. How traceable Bitcoin remains when privacy enhancement methods are used, such as using different addresses for each transaction, washing coins, or utilizing anonymity networks, has also not been thoroughly documented.

Rejecting tainted coins could greatly diminish the usability of Bitcoin as a globally adopted currency. It is unlikely that people would want to use a currency that risks becoming unspendable or requires extensive know-your-customer (KYC) procedures and background checks for every transaction. Additionally, if a significant number of coins were blacklisted, it would render the currency useless for everyone. While specialized currencies in specific markets might be able to address these issues, a common global currency like Bitcoin cannot afford such problems.

In an email exchange between Simon and Adam, Simon proposes a privacy-enhancing solution based on fair exchange through bitcoin contracts and cut-and-choose. This solution involves a public pool of users who would simultaneously exchange in common denominations, ensuring unlinkability while leaving a trace of exchange activity on the blockchain. Simon provides a link to the solution, which can potentially be integrated into wallet software to automate the process.

Adam responds by discussing his thoughts on ecash and revocability, as well as the taint issue in Bitcoin. He suggests that commitments could be an efficient fix for the taint problem without the need for blinding or a zero-knowledge proof (ZKP) of set membership. The idea is to commit to a payment and lock a coin without revealing one's identity until the commitment is released. This approach resembles a self-issued green coin that requires no trust and can be immediately cleared. To prevent double-spending, the recipient would also need to be committed simultaneously.

Adam also mentions an article by Sander & Ta-Shma, "Auditable, Anonymous Electronic Cash," which explores blinding-based unlinkability in a distributed cryptographic payer/payee anonymous system. These systems rely on ZKP of set membership, which can be computationally expensive. Zerocoin offers a more efficient form of ZKP with its cut-and-choose proof. Commitments, another related concept, could potentially address the taint issue as well.

Overall, Adam Back raises important concerns about taint and revocability in cryptocurrencies, particularly Bitcoin. He suggests potential fixes such as commitments and discusses existing research on ecash and anonymity. These discussions highlight the ongoing efforts to enhance privacy and usability in digital currencies.
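The commitment idea summarized above can be illustrated with a plain hash commitment that binds a coin to its recipient and stays opaque until it is opened. This is an added sketch, not code from the mailing-list thread or from Bitcoin: the `Ledger` class, the field encoding, the sample names and the rule that the first opened commitment settles a coin are all assumptions made for the illustration.

```python
import hashlib
import secrets


def commit(coin_id: bytes, recipient: bytes, nonce: bytes) -> bytes:
    """Hash commitment binding a coin to a recipient; the random nonce hides both."""
    h = hashlib.sha256()
    for field in (coin_id, recipient, nonce):
        # Length-prefix each field so distinct tuples never share an encoding.
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()


class Ledger:
    """Toy public log (assumption): opaque digests first, openings later."""

    def __init__(self):
        self.log = []      # published commitments, in publication order
        self.settled = {}  # coin_id -> recipient, filled in at reveal time

    def publish(self, digest: bytes) -> int:
        self.log.append(digest)
        return len(self.log) - 1

    def reveal(self, coin_id: bytes, recipient: bytes, nonce: bytes) -> bool:
        # The opening must reproduce a digest that was already published ...
        if commit(coin_id, recipient, nonce) not in self.log:
            return False
        # ... and the coin must not have been settled by another opening.
        if coin_id in self.settled:
            return False
        self.settled[coin_id] = recipient
        return True


def demo() -> dict:
    ledger = Ledger()
    coin, alice, mallory = b"coin-0001", b"alice", b"mallory"  # constructed sample values
    nonce = secrets.token_bytes(32)
    ledger.publish(commit(coin, alice, nonce))  # observers see only 32 opaque bytes
    return {
        "redirected": ledger.reveal(coin, mallory, nonce),  # recipient changed: rejected
        "opened": ledger.reveal(coin, alice, nonce),        # matches commitment: accepted
        "replayed": ledger.reveal(coin, alice, nonce),      # coin already settled: rejected
    }


if __name__ == "__main__":
    print(demo())
```

Because the recipient is inside the hashed tuple, the payer cannot redirect the locked coin after publishing, which is the role the summary gives to committing the recipient at the same time.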


Updated on: 2023-08-01T04:52:52.960099+00:00